Solved: Does the Security Gateway provide Agent Installers? What would be the DL links?

r_weber · ‎13 Oct 2017

I couldn't find in the documentation if/how the security gate provides OneAgent installers (it should).

As it's purpose is a gateway, there might not be direct download capabilities from the host where the agent should be installed to the Dynatrace Managed Server.

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

r_weber · ‎13 Oct 2017

And if not how does the OneAgent detect that it should connect to the security gateway and not to the server. I guess that needs manual configuration of the OneAgent install?

Documentation on that is a bit vague 🙂

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

Julius_Loman · ‎16 Oct 2017

Security gateway does not provide Oneagent installer images. Server does.
You don't have to download the image directly from the machine where oneagent is about to be installed. A single image (per platform) can be used.

AFAIK list of endpoints (server addresses + security gateways list) where agent is about to connect is embedded into the installer at download time.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

r_weber · ‎16 Oct 2017

It would be a cool improvement feature if the security gateway could work as proxy to provide the agent installers. That way a client could use the comfortable download of the agent with it's autoconfig settings without the need of providing the agent via a separate download.

E.g. in the environment UI we know which security gateway is used, provide a wget command that pulls it from the server but proxied via SGW.

Certified Dynatrace Master, Dynatrace Partner - 360Performance.net

c_zelabueno · ‎17 Jul 2018

Julius L. what about PaaS agent installers for Azure? Dynatrace Extension look to donwload agents through Rest API but I cant publish to Internet my Dynatrace Managed Server. I think that public security gateway should be able to reache to download paasInstallers..but it can't.

Julius_Loman · ‎18 Jul 2018

Sorry, I don't have any experience with the Azure extensions. But you are right, there are situations when only Dynatrace SGW is reachable. I would open a support ticket for this case.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

mike_villiger · ‎19 Jul 2018

SGW does proxy API requests which is how the installer is fetched. It does not cache the installers though, it simply acts as a proxy for the requests.

Julius_Loman · ‎19 Jul 2018

How do you make API call to installer downloads through the GW?
If my SaaS environment is https://abc1234.live.dynatrace.com

So API call is for example https://abc1234.live.dynatrace.com/api / v1/time

Although I've been successful for calling the API via security gateway by spoofing the Host header with

curl -H "Host: abc1234.live.dynatrace.com" https://secgw.local:9999/api/v1/time

When trying to reach the installer download API, it always gives me 500 response code:

curl -H "Host: abc1234.live.dynatrace.com" "https://secgw.local:9999/api/v1/deployment/installer/agent/unix/paas/latest?Api-Token=abcd123456-123sdqweWS&arch=x86_64&flavor=default

{"error":{"code":500,"message":"Request has timed out."}}

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner